CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38419 – Fuji Electric Tellus Lite V-Simulator out of bounds write
https://notcve.org/view.php?id=CVE-2021-38419
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds write, which can result in data corruption, a system crash, or code execution. Fuji Electric V-Server Lite y Tellus Lite V-Simulator versiones anteriores a 4.0.12.0, son vulnerables a una escritura fuera de límites, que puede resultar en una corrupción de datos, a un bloqueo del sistema o a una ejecución de código This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V9 files in the V-Simulator module. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-21-299-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21228 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-21228
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. El producto afectado es vulnerable a un desbordamiento del búfer en la región stack de la memoria, que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C5P files in the Server Operator module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21214 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-21214
The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution. El producto afectado es vulnerable a un desbordamiento de búfer en la región heap de la memoria, que puede conllevar a una ejecución de código This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C5P files in the Server Operator module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24383 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-24383
The affected product is vulnerable to an out-of-bounds read, which may result in code execution El producto afectado es vulnerable a una lectura fuera de límites, que puede resultar en la ejecución de código This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C5P files in the Server Operator module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21202 – ICSA-22-090-03 Fuji Electric Alpha5
https://notcve.org/view.php?id=CVE-2022-21202
The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information. El producto afectado es vulnerable a una lectura fuera de límites, que puede resultar en una divulgación de información confidencial This vulnerability allows remote attackers to disclose sensitive information on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of A5V files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-03 • CWE-125: Out-of-bounds Read •